playbooks/trivy_docker_scan.yml aktualisiert

playbooks/trivy_docker_scan.yml

@@ -3,12 +3,15 @@
   hosts: docker_nodes
   become: yes
   tasks:
-    - name: Sicherstellen, dass Trivy installiert ist (Ubuntu)
+    - name: Sicherstellen, dass Trivy installiert ist (Ubuntu Noble)
       ansible.builtin.shell: |
         if ! command -v trivy &> /dev/null; then
+          apt-get update
           apt-get install -y wget apt-transport-https gnupg lsb-release
-          wget -qO - https://aquasecurity.github.io/trivy-repo/dabest.gpg | gpg --dearmor -o /usr/share/keyrings/trivy.gpg
-          echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | tee -a /etc/apt/sources.list.d/trivy.list
+          # Korrekter GPG Key Download
+          wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor -o /usr/share/keyrings/trivy.gpg
+          # Repository hinzufügen
+          echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | tee /etc/apt/sources.list.d/trivy.list
           apt-get update
           apt-get install -y trivy
         fi
@@ -21,7 +24,7 @@
       register: scan_output
 
     - name: Zeige Scan-Zusammenfassung im Log
-      ansible.builtin.command:
+      ansible.builtin.shell:
         cmd: trivy image --severity HIGH,CRITICAL nginx:latest
       register: trivy_summary